US7996677B2 - Digitally certified stationery - Google Patents

Digitally certified stationery Download PDF

Info

Publication number
US7996677B2
US7996677B2 US11/567,707 US56770706A US7996677B2 US 7996677 B2 US7996677 B2 US 7996677B2 US 56770706 A US56770706 A US 56770706A US 7996677 B2 US7996677 B2 US 7996677B2
Authority
US
United States
Prior art keywords
official
document
user
information
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US11/567,707
Other versions
US20080141330A1 (en
Inventor
Denis X. Charles
Kamal Jain
Kristin E. Lauter
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US11/567,707 priority Critical patent/US7996677B2/en
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHARLES, DENIS X., JAIN, KAMAL, LAUTER, KRISTIN E.
Publication of US20080141330A1 publication Critical patent/US20080141330A1/en
Application granted granted Critical
Publication of US7996677B2 publication Critical patent/US7996677B2/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party

Definitions

  • Official stationery typically includes a printed letterhead of the company on good quality paper.
  • Official stationery may also include an embedded watermark to establish origination.
  • Official stationery is typically designated and used for “official communications” (e.g., memos, faxes, press releases, etc.), to present corporate “authority” in some manner.
  • official company stationery may be used for communications other than communications that the company would designate as “official”.
  • official company stationery is typically easily reproducible. As a result, a corporation may lose control of the number of pieces of official company stationery available to authorized and unauthorized users for use and distribution to others.
  • a stationery granting authority receives a request from a user to generate a document. If the user is authorized for the requested document, the SGA generates a certificate with credentialing information from data in the request. The SGA generates a first digital signature from some of the credentialing information. The SGA communicates the certificate to the user for editing and distribution as the document.
  • a recipient of the document determines whether the document is “official” by contacting a specified service to provide certain information from the document.
  • the verification service computes a second digital signature from the provided information for comparison to the first digital signature. If there is a match, the service notifies the recipient that the document is valid/official. Otherwise, the recipient is notified that the document is not valid.
  • FIG. 1 shows an exemplary system for digitally certified stationery, according to one embodiment.
  • FIG. 2 shows an exemplary procedure for digitally certified stationery, according to one embodiment.
  • FIG. 3 shows another exemplary procedure for digitally certified stationery, according to one embodiment.
  • Program modules generally include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types. While the systems and methods are described in the foregoing context, acts and operations described hereinafter may also be implemented in hardware.
  • FIG. 1 shows an exemplary system 100 for digitally certified stationery, according to one embodiment.
  • system 100 includes a computing device 102 coupled across a network 104 to one or more remote computing devices 106 .
  • Each computing device 102 and remote computing device 106 represents, for example a general purpose computing device, a server, a laptop, a mobile computing device, and/or so on, that accepts information in digital or similar form and manipulates it for a specific result based upon a sequence of instructions.
  • each computing device 102 and 106 includes one or more processors coupled to a respective tangible computer-readable storage medium such as a system memory.
  • System memory includes, for example, volatile random access memory (e.g., RAM) and non-volatile read-only memory (e.g., ROM, flash memory, etc.).
  • a processor may be a microprocessor, microcomputer, microcontroller, digital signal processor, etc.
  • the system memory includes computer-program modules comprising computer-program instructions executable by the one or more processors and program data that is generated and/or used by respective ones of the program modules.
  • computing device 102 includes one or more processors 108 coupled to system memory 110 .
  • System memory 110 comprises program modules 112 and program data 114 .
  • program modules 112 include, for example, stationery-granting authority 116 and “other program modules” 124 such as an Operating System (OS) to provide a runtime environment, a Web server to serve web pages to a requesting remote computing device 106 , device drivers, cryptographic applications, and/or other applications.
  • Stationery-granting authority 116 responds to request(s) from an authorized user to obtain an official stationery certificate(s) (template(s)) from which the user creates and distributes official stationery/documents to end-users/readers to communicate official information (e.g., text, images, etc.).
  • recipient of such official documents contact the stationery granting authority to verify authenticity of the received documents.
  • a user of remote device 106 sends a request 120 to stationery-granting authority 116 (“SGA 116 ”) to obtain an official stationery certificate 122 (template) from which the user can generate an official document 124 for distribution to recipient(s).
  • SGA 116 stationery-granting authority 116
  • Each request 120 includes, for example, one or more of a name or other identifier of the entity submitting the request (e.g., an employee number or other indicia mapped to the user), an indication of a particular number of pages of official stationery desired, an indication of the desired document type (e.g., a memo, a press release, company confidential communications, etc.), a suggested timeframe for which document(s) 124 generated from a template 122 will be used/distributed, etc.
  • a name or other identifier of the entity submitting the request e.g., an employee number or other indicia mapped to the user
  • an indication of a particular number of pages of official stationery desired e.
  • a user of remote computing device 106 interacts with a browser application to access a webpage served by SGA 116 (or a different application 120 ) to request an official template 122 from which the user can generate official document 124 .
  • a browser application is shown as a respective portion of applications 128 on remote computing device 106 .
  • the webpage is served over an intranet (e.g., behind the company firewall or via a virtual private network connection into the intranet), over the Internet, etc.
  • an intranet and the Internet are collectively represented as respective portions of network 104 .
  • stationery-granting authority 116 accesses a database to establish identity and authority of the requesting user to use/distribute the requested stationery.
  • a database is shown as a respective portion of “other program data” 130 .
  • identity establishment can be done in multiple different ways, for example, by verifying user login information and/or other auxiliary employee data such as the employee number (or other identifying indicia) in view of information in the database.
  • SGA 116 Responsive to verifying the requesting user's identity authority to generate an official document, SGA 116 generates a certificate 122 .
  • a certificate 122 is a modifiable electronic document template (e.g., editable using a word processor) with a company letterhead.
  • each certificate 122 is formatted with a set of credentialing information to define context(s) within which the certificate 122 can be used to generate an authentic official document 124 .
  • contexts include, for example, an author name, company name, a valid timeframe within which documents based on the certificate 122 can be considered valid, etc.
  • the certificate is formatted such that a recipient of any document 124 generated from the certificate is presented with at least a subset of credentialing information to verify authenticity/validity of a document 124 generated from the certificate 122 (i.e., permission/authority of the author of the document to generate and/or distribute the document).
  • credentialing information includes, for example one or more of:
  • the unique serial number portion of the credentialing information is a digital signature computed by SGA 116 from at least a subset of the credentialing information associated with the certificate 122 .
  • the serial number is computed as a cryptographic hash of information (e.g., from one or more of a company name, date/timestamp information, name of requesting entity (e.g., a person, etc.), number of certificates 122 of the particular type issued to date, etc.) associated with the certificate 122 .
  • a cryptographic hash of information e.g., from one or more of a company name, date/timestamp information, name of requesting entity (e.g., a person, etc.), number of certificates 122 of the particular type issued to date, etc.
  • signature-granting authority 116 generates the digital signature using known public key cryptographic techniques, wherein at least a subset of the credentialing information (metadata) is signed using a private key of the entity/company for which SGA 116 provides certificates 122 to generate official documents.
  • SGA 116 generates the digital signature using known elliptic curve discrete log-based signature generating techniques, Boneh-Lynn-Shacham signature generating techniques, and/or so on.
  • the SGA 116 generates the signature by applying a keyed cryptographic hash function to the credentialing information.
  • the keyed cryptographic hash cannot be computed by any other entity other than the SGA 116 .
  • the SGA stores the issued signature in a database together with the credentialing information.
  • the pair ⁇ Serial No, Keyed Hash> is stored by the SGA.
  • the SGA verifies if the credentialing information sent by the verification requesting entity matches with the data stored in the database. If there is a match then the document is declared as a valid/official document.
  • SGA 116 After generating a particular certificate 122 from request 120 , SGA 116 communicates the certificate 122 to the requesting user. (For purposes of exemplary illustration, such a communication is shown as response 130 ). Responsive to receiving a requested certificate 122 the requesting user opens the certificate using a word processor to view text, formatting, images, etc., and modifies (e.g., edit/insert/attach arbitrary data) the mutable portions of the document template issued by SGA 116 . In one implementation, one or more portions of the template 122 are not editable. For example, in this implementation, credentialing information viewable to a recipient of certificate 122 or any official document 124 generated from certificate 122 is not editable.
  • An edited certificate 122 is shown as an official document 124 for electronic or paper distribution to recipient(s)/end user(s).
  • the user's document 124 is invalid if he/she modified the credentialing information portion of the document template (certificate 122 )). If no changes were made to the certificate portion, then the document can be claimed as authentic and this claim can be verified by any recipient.
  • an official document 124 is distributed in a read-only format (e.g., a portable document format, a read-only word processing format, etc.).
  • a recipient Responsive to receiving an official document 124 , a recipient prints or otherwise displays the document 124 (e.g., via a display device 132 ).
  • SGA 116 formatted the certificate 122 used by an author (user) to generate document 124 so that at least a portion of the credential information associated with the certificate can be viewed by the recipient when displaying the document 124 .
  • the credentialing information presented to the user via document 124 includes at least: (a) that particular credentialing information used by SGA 116 to generate the serial number (i.e., the digital signature); and, (b) the contact information (e.g., a URL of a website, telephone number of a service, etc.) that the recipient can contact to determine whether the document is authentically “official”.
  • the contact information e.g., a URL of a website, telephone number of a service, etc.
  • a recipient contacts the particular official document verification facilities identified in the “contact information” (e.g., a URL, telephone number, etc.) presented via the credential information specified by SGA 116 . Please recall that the credential information was specified by SGA 116 during creation of a certificate 122 used as a template for the official document 124 .
  • the contact information identifies a URL to a website hosted by stationery authenticity verification logic 126 (“SAV 126 ”).
  • SAV 126 stationery authenticity verification logic 126
  • a recipient of a document 124 interacts with a browser application to visit the website to download, present, and input certain information into one or more official stationery authentication verification webpages. (A browser is shown as a respective portion of applications 128 . Such webpage(s) are shown as respective portions of “other data” 134 .)
  • SAV 126 and/or a document 124 directs (e.g., via presented text, images, audio, etc.) the user to input at least a subset of the credential information presented to the recipient via document 124 to SAV 126 .
  • How such information is requested by SAV 126 and subsequently entered by the user is arbitrary, being a function of the particular technique used to obtain the information from the user (e.g., via web page user interface controls, a touch tone telephone pad, etc.)).
  • the document recipient is directed to provide/enter that particular information used by SGA 116 to generate the unique serial number (e.g., author name/identifier, date and timestamp information, and/or so on) for the corresponding certificate 122 .
  • SAV 126 Responsive to receiving the entered/provided information, SAV 126 generates a digital signature using the same technique (e.g., elliptic curve discrete log-based signature generating techniques, etc.) that SGA 116 used to generate the serial number of the corresponding certificate 122 .
  • SAV 126 compares the computer digital signature to the serial number mapped to the certificate 122 .
  • SAV 126 If the newly computed digital signature matches the serial number, SAV 126 presents an indication (e.g., a pop-up message, an e-mail, and audible indication over the telephone, etc.) to the user indicating that the official document 124 is valid. Otherwise, SAV 126 indicates to the user that the official document 124 is not valid.
  • an indication e.g., a pop-up message, an e-mail, and audible indication over the telephone, etc.
  • the contact information is a URL identifying a website to verify authenticity of an official document 124
  • the user verifies credentials of the website represented via the webpage(s) prior to entering any information associated with the official document 124 . Only when the website is verified as authentic does the user input any information associated with the official document 124 .
  • Techniques for verifying website credentials are known. For example, in one implementation, the user compares a website certificate to the name of the company indicated as issuing the official document 124 (such as indication is provided via document 124 displayed credential information.
  • FIG. 2 shows an exemplary procedure 200 for digitally certified stationery, according to one embodiment.
  • procedure 200 for digitally certified stationery, according to one embodiment.
  • the operations of procedure 200 are described with respect to the above described aspects of FIG. 1 .
  • the leftmost numeral of a reference number indicates the figure in which the component or operation was/is first introduced.
  • the operations of procedure 200 are implemented by respective ones of program modules 112 FIG. 1 .
  • Operations of block 202 receive a request 120 ( FIG. 1 ) from a user for one or more certificates 122 (templates) to generate official document(s) 124 of a particular type.
  • Operations of block 204 responsive to receiving the request, establish the identity and authority of the requesting user to generate and distribute the requested official document(s) 124 .
  • the operations of procedure 200 terminate. Otherwise, operations continue at block 208 .
  • Operations of block 208 generate (e.g., by an official stationery-granting authority 116 ) one or more official stationery certificates 122 and document credentialing information from the request 120 .
  • this credentialing information (name of the entity requesting the official document 124 , a timestamp, company name, contact information to validate the authenticity of a document 124 generated from the certificate, etc.) is embedded in certificate 122 for subsequent presentation to end-user(s).
  • one or more portions of the credentialing information e.g., a digital signature/serial number of the certificate 122 , etc.
  • Operations of block 210 communicate the official stationery certificate(s) 122 to the requesting user for editing and distribution to other entities (i.e., recipients) as one or more official documents 124 .
  • Operations of block 212 receive a request 120 (e.g., from a recipient of an official document 124 , or other entity) to verify authenticity of the official document 124 .
  • Responsive to receiving the request operations of block 214 determine whether the official document 124 actually represents an official company communication. This is accomplished by using information provided by the request 120 to generate a digital signature/serial number for comparison to an archived digital signature/serial number of a certificate- 122 used to generate the document 124 .
  • Operations of block 216 present an indication to the requesting user verifying whether the official document 124 represents an official company communication.
  • FIG.3 shows an exemplary procedure 300 for digitally certified stationery, according to one embodiment.
  • procedure 300 for digitally certified stationery, according to one embodiment.
  • the operations of procedure 300 are described with respect to the above-described aspects of FIG. 1 .
  • the leftmost numeral of a reference number indicates the figure in which the component or operation was/is first introduced.
  • the operations of procedure 300 are implemented by respective ones of program modules 120 and/or applications 128 of FIG. 1 .
  • Operations of block 302 request a document (i.e., an official document 124 ) from an official company stationery granting authority 116 .
  • Operations at block 304 responsive to requesting the document, receive a template (an official stationery certificate 122 ) for the document from the official company stationery granting authority.
  • Operations at block 306 modify the template to generate the document.
  • Operations at block 308 distribute the document to a recipient.
  • the document is formatted such that when the recipient views the document, credentialing information is presented to the recipient that allows the recipient to determine validity of the document. Such a validity determination is made by the recipient contacting a verification service (e.g., the official stationery granting authority or a different entity identified via the credentialing information).
  • a verification service e.g., the official stationery granting authority or a different entity identified via the credentialing information.
  • the recipient provides the verification service with at least a subset of the credentialing information presented to the recipient via the document. Responsive to receiving this information, the verification service performs a number of operations such as comparing multiple digital signatures to determine whether the document is valid (i.e., official).
  • stationery-granting authority 116 are shown as being implemented on a computing device 102 independent of a remote computing device 106 for a user to request an official stationery certificate 122 , each of these and associated operations could be implemented on a single computing device 102 independent of the remote computing device 106 .
  • operations associated with stationery-granting authority 116 have been described as being implemented on a same computing device 102 as operations for stationery authenticity verification 126 , these respective operations can be implemented in a distributed computing environment on different respective computing devices. Accordingly, the specific features and operations discussed above are disclosed as exemplary forms of implementing the following claimed subject matter.

Abstract

Systems and methods for digitally certified stationery are described. In one aspect, a stationery granting authority (SGA) receives a request from a user to generate a document. If the user is authorized for the requested document, the SGA generates a certificate with credentialing information from data in the request. The SGA generates a first digital signature from some of the credentialing information. The SGA communicates the certificate to the user for editing and distribution as the document. A recipient of the document determines whether the document is “official” by contacting a specified service to provide certain information from the document. The verification service computes a second digital signature from the provided information for comparison to the first digital signature. If there is a match, the service notifies the recipient that the document is valid/official. Otherwise, the recipient is notified that the document is not valid.

Description

BACKGROUND
Many companies use official stationery. Official stationery typically includes a printed letterhead of the company on good quality paper. Official stationery may also include an embedded watermark to establish origination. Official stationery is typically designated and used for “official communications” (e.g., memos, faxes, press releases, etc.), to present corporate “authority” in some manner. In some scenarios, however, official company stationery may be used for communications other than communications that the company would designate as “official”. For example, official company stationery is typically easily reproducible. As a result, a corporation may lose control of the number of pieces of official company stationery available to authorized and unauthorized users for use and distribution to others. Related to the simplicity of reproducing official corporate stationery, but also independent of this attribute, it may be possible for an individual to remove official company stationery from corporate control (e.g., take a stationery home, etc.), whereupon unauthentic, but “official-looking” documents might be produced, possibly even after the individual's termination of employment with the company.
SUMMARY
Systems and methods for digitally certified stationery are described. In one aspect, a stationery granting authority (SGA) receives a request from a user to generate a document. If the user is authorized for the requested document, the SGA generates a certificate with credentialing information from data in the request. The SGA generates a first digital signature from some of the credentialing information. The SGA communicates the certificate to the user for editing and distribution as the document. A recipient of the document determines whether the document is “official” by contacting a specified service to provide certain information from the document. The verification service computes a second digital signature from the provided information for comparison to the first digital signature. If there is a match, the service notifies the recipient that the document is valid/official. Otherwise, the recipient is notified that the document is not valid.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 shows an exemplary system for digitally certified stationery, according to one embodiment.
FIG. 2 shows an exemplary procedure for digitally certified stationery, according to one embodiment.
FIG. 3 shows another exemplary procedure for digitally certified stationery, according to one embodiment.
DETAILED DESCRIPTION
An Exemplary System
Although not required, systems and methods for digitally certified stationery are described in the general context of computer-executable instructions executed by a computing device such as a personal computer. Program modules generally include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types. While the systems and methods are described in the foregoing context, acts and operations described hereinafter may also be implemented in hardware.
FIG. 1 shows an exemplary system 100 for digitally certified stationery, according to one embodiment. In this implementation, system 100 includes a computing device 102 coupled across a network 104 to one or more remote computing devices 106. Each computing device 102 and remote computing device 106 represents, for example a general purpose computing device, a server, a laptop, a mobile computing device, and/or so on, that accepts information in digital or similar form and manipulates it for a specific result based upon a sequence of instructions. To this end, each computing device 102 and 106 includes one or more processors coupled to a respective tangible computer-readable storage medium such as a system memory. System memory includes, for example, volatile random access memory (e.g., RAM) and non-volatile read-only memory (e.g., ROM, flash memory, etc.). Such a processor may be a microprocessor, microcomputer, microcontroller, digital signal processor, etc. The system memory includes computer-program modules comprising computer-program instructions executable by the one or more processors and program data that is generated and/or used by respective ones of the program modules. For example, computing device 102 includes one or more processors 108 coupled to system memory 110. System memory 110 comprises program modules 112 and program data 114.
In this implementation, program modules 112 include, for example, stationery-granting authority 116 and “other program modules” 124 such as an Operating System (OS) to provide a runtime environment, a Web server to serve web pages to a requesting remote computing device 106, device drivers, cryptographic applications, and/or other applications. Stationery-granting authority 116 responds to request(s) from an authorized user to obtain an official stationery certificate(s) (template(s)) from which the user creates and distributes official stationery/documents to end-users/readers to communicate official information (e.g., text, images, etc.). As described below, recipients of such official documents contact the stationery granting authority to verify authenticity of the received documents.
For example, a user of remote device 106 sends a request 120 to stationery-granting authority 116 (“SGA 116”) to obtain an official stationery certificate 122 (template) from which the user can generate an official document 124 for distribution to recipient(s). Each request 120 includes, for example, one or more of a name or other identifier of the entity submitting the request (e.g., an employee number or other indicia mapped to the user), an indication of a particular number of pages of official stationery desired, an indication of the desired document type (e.g., a memo, a press release, company confidential communications, etc.), a suggested timeframe for which document(s) 124 generated from a template 122 will be used/distributed, etc. In one implementation, a user of remote computing device 106 interacts with a browser application to access a webpage served by SGA 116 (or a different application 120) to request an official template 122 from which the user can generate official document 124. For purposes of exemplary illustration, such a browser application is shown as a respective portion of applications 128 on remote computing device 106. In one implementation, for example, the webpage is served over an intranet (e.g., behind the company firewall or via a virtual private network connection into the intranet), over the Internet, etc. For purposes of exemplary illustration, an intranet and the Internet are collectively represented as respective portions of network 104.
Responsive to receiving a request 120, stationery-granting authority 116 accesses a database to establish identity and authority of the requesting user to use/distribute the requested stationery. Such a database is shown as a respective portion of “other program data” 130. Such identity establishment can be done in multiple different ways, for example, by verifying user login information and/or other auxiliary employee data such as the employee number (or other identifying indicia) in view of information in the database. Responsive to verifying the requesting user's identity authority to generate an official document, SGA 116 generates a certificate 122. In this implementation, a certificate 122 is a modifiable electronic document template (e.g., editable using a word processor) with a company letterhead.
Additionally, each certificate 122 is formatted with a set of credentialing information to define context(s) within which the certificate 122 can be used to generate an authentic official document 124. Such contexts include, for example, an author name, company name, a valid timeframe within which documents based on the certificate 122 can be considered valid, etc. The certificate is formatted such that a recipient of any document 124 generated from the certificate is presented with at least a subset of credentialing information to verify authenticity/validity of a document 124 generated from the certificate 122 (i.e., permission/authority of the author of the document to generate and/or distribute the document). In this implementation, credentialing information includes, for example one or more of:
    • the name of the person to whom SGA 116 issued the corresponding certificate(s) 122;
    • an indication of a date/time stamp of validity for any official document(s) 124 generated from the certificate 122;
    • name of the entity that issued the certificate 122 (e.g., a company name);
    • a unique serial number (e.g., a decimal or hexadecimal number) for the certificate 122 to distinguish the certificate 122 from any other certificate 122 issued by stationery-granting authority 116; and
    • contact information indicating where/how (e.g., via an authenticated website URL, a telephone number, etc.) a recipient of an official document 124 (generated from the certificate 122) can provide certain information presented by the document 124 to verify if the received document 124 is truly “official.”
In one implementation, the unique serial number portion of the credentialing information is a digital signature computed by SGA 116 from at least a subset of the credentialing information associated with the certificate 122. For example, the serial number is computed as a cryptographic hash of information (e.g., from one or more of a company name, date/timestamp information, name of requesting entity (e.g., a person, etc.), number of certificates 122 of the particular type issued to date, etc.) associated with the certificate 122. Techniques/schemes for computing cryptographic hashes of information are known. For example, in one implementation, signature-granting authority 116 generates the digital signature using known public key cryptographic techniques, wherein at least a subset of the credentialing information (metadata) is signed using a private key of the entity/company for which SGA 116 provides certificates 122 to generate official documents. In one implementation, SGA 116 generates the digital signature using known elliptic curve discrete log-based signature generating techniques, Boneh-Lynn-Shacham signature generating techniques, and/or so on.
Another possible implementation of signatures could be established using a database. The SGA 116 generates the signature by applying a keyed cryptographic hash function to the credentialing information. The keyed cryptographic hash cannot be computed by any other entity other than the SGA 116. Next, the SGA stores the issued signature in a database together with the credentialing information. At the minimum, the pair <Serial No, Keyed Hash> is stored by the SGA. At the time of authentication, the SGA verifies if the credentialing information sent by the verification requesting entity matches with the data stored in the database. If there is a match then the document is declared as a valid/official document.
After generating a particular certificate 122 from request 120, SGA 116 communicates the certificate 122 to the requesting user. (For purposes of exemplary illustration, such a communication is shown as response 130). Responsive to receiving a requested certificate 122 the requesting user opens the certificate using a word processor to view text, formatting, images, etc., and modifies (e.g., edit/insert/attach arbitrary data) the mutable portions of the document template issued by SGA 116. In one implementation, one or more portions of the template 122 are not editable. For example, in this implementation, credentialing information viewable to a recipient of certificate 122 or any official document 124 generated from certificate 122 is not editable. This is in contrast, for example, to different portion(s) of certificate 122 which are responsive to user data (e.g., text, image, etc.) input. An edited certificate 122 is shown as an official document 124 for electronic or paper distribution to recipient(s)/end user(s). (The user's document 124 is invalid if he/she modified the credentialing information portion of the document template (certificate 122)). If no changes were made to the certificate portion, then the document can be claimed as authentic and this claim can be verified by any recipient.) In one implementation, an official document 124 is distributed in a read-only format (e.g., a portable document format, a read-only word processing format, etc.).
Exemplary Stationery/Document Authenticity Verification Operations
Responsive to receiving an official document 124, a recipient prints or otherwise displays the document 124 (e.g., via a display device 132). As described above, SGA 116 formatted the certificate 122 used by an author (user) to generate document 124 so that at least a portion of the credential information associated with the certificate can be viewed by the recipient when displaying the document 124. In one implementation, the credentialing information presented to the user via document 124 includes at least: (a) that particular credentialing information used by SGA 116 to generate the serial number (i.e., the digital signature); and, (b) the contact information (e.g., a URL of a website, telephone number of a service, etc.) that the recipient can contact to determine whether the document is authentically “official”.
To verify whether an author had appropriate authority to present an official document 124, a recipient contacts the particular official document verification facilities identified in the “contact information” (e.g., a URL, telephone number, etc.) presented via the credential information specified by SGA 116. Please recall that the credential information was specified by SGA 116 during creation of a certificate 122 used as a template for the official document 124. In a scenario where the contact information identifies a URL to a website hosted by stationery authenticity verification logic 126 (“SAV 126”). A recipient of a document 124 interacts with a browser application to visit the website to download, present, and input certain information into one or more official stationery authentication verification webpages. (A browser is shown as a respective portion of applications 128. Such webpage(s) are shown as respective portions of “other data” 134.)
Independent of whether the contact information identifies a website, telephone number, etc., SAV 126 and/or a document 124 directs (e.g., via presented text, images, audio, etc.) the user to input at least a subset of the credential information presented to the recipient via document 124 to SAV 126. (How such information is requested by SAV 126 and subsequently entered by the user is arbitrary, being a function of the particular technique used to obtain the information from the user (e.g., via web page user interface controls, a touch tone telephone pad, etc.)). In one implementation, the document recipient is directed to provide/enter that particular information used by SGA 116 to generate the unique serial number (e.g., author name/identifier, date and timestamp information, and/or so on) for the corresponding certificate 122. Responsive to receiving the entered/provided information, SAV 126 generates a digital signature using the same technique (e.g., elliptic curve discrete log-based signature generating techniques, etc.) that SGA 116 used to generate the serial number of the corresponding certificate 122. SAV 126 then compares the computer digital signature to the serial number mapped to the certificate 122. If the newly computed digital signature matches the serial number, SAV 126 presents an indication (e.g., a pop-up message, an e-mail, and audible indication over the telephone, etc.) to the user indicating that the official document 124 is valid. Otherwise, SAV 126 indicates to the user that the official document 124 is not valid.
In one implementation, when the contact information is a URL identifying a website to verify authenticity of an official document 124, the user verifies credentials of the website represented via the webpage(s) prior to entering any information associated with the official document 124. Only when the website is verified as authentic does the user input any information associated with the official document 124. Techniques for verifying website credentials are known. For example, in one implementation, the user compares a website certificate to the name of the company indicated as issuing the official document 124 (such as indication is provided via document 124 displayed credential information.
Exemplary Procedures
FIG. 2 shows an exemplary procedure 200 for digitally certified stationery, according to one embodiment. For purposes of exemplary illustration, the operations of procedure 200 are described with respect to the above described aspects of FIG. 1. The leftmost numeral of a reference number indicates the figure in which the component or operation was/is first introduced. In one implementation, the operations of procedure 200 are implemented by respective ones of program modules 112 FIG. 1.
Operations of block 202 receive a request 120 (FIG. 1) from a user for one or more certificates 122 (templates) to generate official document(s) 124 of a particular type. Operations of block 204, responsive to receiving the request, establish the identity and authority of the requesting user to generate and distribute the requested official document(s) 124. At block 206, if the user is not authorized for the requested document(s) 124, the operations of procedure 200 terminate. Otherwise, operations continue at block 208. Operations of block 208 generate (e.g., by an official stationery-granting authority 116) one or more official stationery certificates 122 and document credentialing information from the request 120. At least a subset of this credentialing information (name of the entity requesting the official document 124, a timestamp, company name, contact information to validate the authenticity of a document 124 generated from the certificate, etc.) is embedded in certificate 122 for subsequent presentation to end-user(s). In one implementation, one or more portions of the credentialing information (e.g., a digital signature/serial number of the certificate 122, etc.) is mapped (e.g., in a table) and maintained by the stationery-granting authority 116 for subsequent verification of any documents 124 generated from the certificate.
Operations of block 210 communicate the official stationery certificate(s) 122 to the requesting user for editing and distribution to other entities (i.e., recipients) as one or more official documents 124. Operations of block 212, receive a request 120 (e.g., from a recipient of an official document 124, or other entity) to verify authenticity of the official document 124. Responsive to receiving the request, operations of block 214 determine whether the official document 124 actually represents an official company communication. This is accomplished by using information provided by the request 120 to generate a digital signature/serial number for comparison to an archived digital signature/serial number of a certificate-122 used to generate the document 124. Operations of block 216 present an indication to the requesting user verifying whether the official document 124 represents an official company communication.
FIG.3 shows an exemplary procedure 300 for digitally certified stationery, according to one embodiment. For purposes of exemplary illustration, the operations of procedure 300 are described with respect to the above-described aspects of FIG. 1. The leftmost numeral of a reference number indicates the figure in which the component or operation was/is first introduced. In one implementation, the operations of procedure 300 are implemented by respective ones of program modules 120 and/or applications 128 of FIG. 1.
Operations of block 302 request a document (i.e., an official document 124) from an official company stationery granting authority 116. Operations at block 304, responsive to requesting the document, receive a template (an official stationery certificate 122) for the document from the official company stationery granting authority. Operations at block 306 modify the template to generate the document. Operations at block 308 distribute the document to a recipient. The document is formatted such that when the recipient views the document, credentialing information is presented to the recipient that allows the recipient to determine validity of the document. Such a validity determination is made by the recipient contacting a verification service (e.g., the official stationery granting authority or a different entity identified via the credentialing information). Once such a contact has been made, the recipient provides the verification service with at least a subset of the credentialing information presented to the recipient via the document. Responsive to receiving this information, the verification service performs a number of operations such as comparing multiple digital signatures to determine whether the document is valid (i.e., official).
CONCLUSION
Although digitally certified stationery has been described in language specific to structural features and/or methodological operations or actions, it is understood that the implementations presented in the appended claims are not necessarily limited to the specific features or actions described above. For example, although operations associated with stationery-granting authority 116 are shown as being implemented on a computing device 102 independent of a remote computing device 106 for a user to request an official stationery certificate 122, each of these and associated operations could be implemented on a single computing device 102 independent of the remote computing device 106. Additionally, although operations associated with stationery-granting authority 116 have been described as being implemented on a same computing device 102 as operations for stationery authenticity verification 126, these respective operations can be implemented in a distributed computing environment on different respective computing devices. Accordingly, the specific features and operations discussed above are disclosed as exemplary forms of implementing the following claimed subject matter.

Claims (19)

1. A system at least partially implemented by one or more computing devices, each of the one or more computing devices comprising:
a processor;
a memory coupled to the processor, the memory comprising computer-program instructions executable by the processor for performing respective ones of operations comprising:
receiving a request from a user to generate a certificate template from which to create an official document, the request including a document type indication for the certificate template being requested;
determining whether the user is authorized for the certificate template of the requested document; and
in response to determining that the user is authorized for the requested document:
generating the certificate template and credentialing information from information provided in the request including the document type indication, at least a portion of the credentialing information being a part of the certificate template for presentation as part of the official document to an end user to verify authenticity of the official document, wherein generating comprises calculating a digital signature based on at least the portion of the credentialing information;
storing the digital signature for subsequent validity verification of the official document to a recipient; and
communicating the certificate template to the user, wherein the certificate template is for modification by the user to create the official document, the official document being for distribution and presentation to one or more end-users.
2. The system of claim 1, wherein the credentialing information comprises an identification of the user, a name of the issuing entity, and a unique serial number.
3. The system of claim 1, wherein the credentialing information comprises an identification of the user being a name, a number, or other indicia mapped to the user.
4. The system of claim 1, wherein the credentialing information further comprises a letterhead.
5. The system of claim 1, wherein the computer-program instructions for generating the certificate template further comprise instructions for:
calculating a digital signature based on at least a subset of the credentialing information; and
mapping the digital signature to the official document.
6. The system of claim 1, wherein the computer-program instructions further comprise instructions for:
receiving a request from an end-user of the official document, the request to verify authenticity that the official document represents an official communication of a granting authority, the request comprising information;
verifying, using the information, whether the official document is being used as directed by the granting authority; and
communicating, based on the verifying, an indication to the end user whether the official document represents an official communication of the granting authority.
7. The system of claim 6, wherein the request is received according to contact information presented to an end-user in the official document, the contact information being a respective portion of the credentialing information.
8. The system of claim 7, wherein the contact information specifies a
URL of a website.
9. The system of claim 7, wherein the contact information specifies a telephone number of a service.
10. A system at least partially implemented by one or more computing devices, each of the one or more computing devices comprising:
a processor;
a memory coupled to the processor, the memory comprising computer-program instructions executable by the processor for performing respective ones of operations comprising:
receiving a request from a user to generate an official document;
generating a certificate template and a set of credentialing information from information provided in the request, at least a portion of the credentialing information being embedded into the certificate template for presentation to an end user to verify authenticity of the official document;
communicating the certificate template to the user, wherein the certificate template is for modification by the user to generate the official document, the official document for distribution and presentation to one or more end-users;
receiving a request from an end-user of the official document, the request to verify authenticity that the official document represents an official communication of a granting authority, the request comprising information;
verifying, using the information, whether the official document is being used as directed by the granting authority;
communicating, based on the verifying, an indication to the end user whether the official document represents an official communication of the granting authority;
calculating, using a cryptographic scheme, a digital signature from the information;
comparing the digital signature to a serial number maintained by the granting authority; and
wherein the official document represents an official communication only if the digital signature matches the serial number.
11. A computer-readable memory comprising computer-program instructions executable by a processor, the computer-program instructions when executed by the processor for performing operations comprising:
receiving a request from a user to create an official document, the request including a document type indication;
verifying that the user is authorized for the official document; and
responsive to determining that the user is authorized for the official document, a granting authority:
generating a certificate template including credentialing information from information provided in the request, the credentialing information including the document type indication, at least a portion of the credentialing information being part of the certificate template for presentation to a recipient to verify authenticity of the official document, the generating comprising:
(a) calculating a digital signature based on at least a subset of the credentialing information; and
(b) storing the digital signature for subsequent validity verification of the official document to the recipient; and
communicating the certificate to the user for modification by the user to create the official document.
12. The computer-readable memory of claim 11, wherein the credentialing information further includes a letterhead.
13. The computer-readable memory of claim 11, wherein the computer-program instructions further comprise instructions for:
receiving a request from the recipient, the request comprising information;
verifying, using the information, whether the official document is valid in view of a context that the certificate template for the document was created, the context being provided by the credentialing information; and
communicating, based on the verifying, an indication to the recipient whether the official document represents an official communication of the granting authority.
14. The computer-readable memory of claim 13, wherein the computer-program instructions further comprise instructions for:
calculating a digital signature based at least in part on the credentialing information;
comparing the digital signature to a serial number maintained by the granting authority; and
wherein the official document represents an official communication only if the digital signature matches the serial number.
15. The computer-readable memory of claim 11, wherein the document type is one selected from a group consisting of a memo, a press release, and a company confidential communication.
16. A method comprising:
receiving, by one or more computing systems configured to digitally certify stationery, a request from a user of the one or more computing systems for an official stationery including an indication of a particular number of pages of official stationery desired;
determining, by the one or more computing systems, whether the user is authorized for an official document; responsive to determining that the user is authorized for the official document:
generating, by the one or more computing systems, a certificate template and credentialing information from information provided in the request, at least a portion of the credentialing information being embedded into the certificate template for presentation as a part of the official document to a recipient to verify authenticity of the document prepared with the official stationery, the generating comprising:
calculating a digital signature based on at least a subset of the credentialing information; and
storing the digital signature for subsequent validity verification of the document to the recipient;
communicating, by the one or more computing systems, the certificate template to the user for modification by the user to generate the official document by modifying the template.
17. The method of claim 16, wherein the credentialing information comprises one or more of an identification of the user, a name of the issuing entity, a unique serial number, a document type indication, a timeframe within which the official stationery is valid, and a letterhead.
18. The method of claim 16 further comprising:
receiving, by the one or more computing systems, a request from the recipient, the request comprising information;
verifying, by the one or more computing systems, using the information, whether the official stationery is valid in view of a context that the certificate template for the document was created, the context being provided by the credentialing information; and
communicating, by the one or more computing systems, based on the verifying, an indication to the recipient whether the official stationery represents an official communication of a granting authority.
19. The method of claim 18, further comprising comparing the digital signature to a serial number maintained by the computing systems configured to digitally certify stationery, wherein the official stationary is valid when the digital signature matches the serial number.
US11/567,707 2006-12-06 2006-12-06 Digitally certified stationery Expired - Fee Related US7996677B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11/567,707 US7996677B2 (en) 2006-12-06 2006-12-06 Digitally certified stationery

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/567,707 US7996677B2 (en) 2006-12-06 2006-12-06 Digitally certified stationery

Publications (2)

Publication Number Publication Date
US20080141330A1 US20080141330A1 (en) 2008-06-12
US7996677B2 true US7996677B2 (en) 2011-08-09

Family

ID=39523826

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/567,707 Expired - Fee Related US7996677B2 (en) 2006-12-06 2006-12-06 Digitally certified stationery

Country Status (1)

Country Link
US (1) US7996677B2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100023758A1 (en) * 2008-07-23 2010-01-28 Shocky Han Document authentication using electronic signature
US20110320458A1 (en) * 2010-06-24 2011-12-29 Abinasha Karana Identification of name entities via search, determination of alternative searches, and automatic integration of data across a computer network for dynamic portal generation
TWI476711B (en) * 2013-06-19 2015-03-11 Inventec Appliances Corp Activity convocation system and method thereof
US10699001B2 (en) 2015-03-31 2020-06-30 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US10701083B2 (en) 2015-03-31 2020-06-30 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8356333B2 (en) * 2006-12-12 2013-01-15 Bespoke Innovations Sarl System and method for verifying networked sites
EP2971416A2 (en) * 2013-03-15 2016-01-20 Spectrum Brands, Inc. Wireless lockset with integrated antenna, touch activation, and light communication method
CN110730106B (en) * 2019-12-18 2020-04-17 数字广东网络建设有限公司 Electronic official document exchange method and device based on tree structure and computer equipment
EP4210276A1 (en) * 2022-01-10 2023-07-12 SW7 Ventures (H.K.) Limited Method and apparatus for generating certified user data

Citations (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5157726A (en) 1991-12-19 1992-10-20 Xerox Corporation Document copy authentication
US5544255A (en) 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
US5712914A (en) * 1995-09-29 1998-01-27 Intel Corporation Digital certificates containing multimedia data extensions
US5765176A (en) 1996-09-06 1998-06-09 Xerox Corporation Performing document image management tasks using an iconic image having embedded encoded information
US5912974A (en) 1994-04-05 1999-06-15 International Business Machines Corporation Apparatus and method for authentication of printed documents
US5970252A (en) * 1997-08-12 1999-10-19 International Business Machines Corporation Method and apparatus for loading components in a component system
US6021202A (en) * 1996-12-20 2000-02-01 Financial Services Technology Consortium Method and system for processing electronic documents
US6023509A (en) 1996-09-30 2000-02-08 Intel Corporation Digital signature purpose encoding
US6108788A (en) * 1997-12-08 2000-08-22 Entrust Technologies Limited Certificate management system and method for a communication security system
US6138106A (en) * 1997-05-19 2000-10-24 Walker Asset Management Limited Partnership Dynamically changing system for fulfilling concealed value gift certificate obligations
US20020013899A1 (en) * 2000-06-17 2002-01-31 Faul Jacob Joel Automated document distribution and transaction verification
US20020012445A1 (en) 2000-07-25 2002-01-31 Perry Burt W. Authentication watermarks for printed objects and related applications
US20020026574A1 (en) * 2000-08-31 2002-02-28 Sony Corporation Person authentication system, person authentication method , information processing apparatus, and program providing medium
WO2002037309A1 (en) 2000-11-02 2002-05-10 Markany Inc. Method for embedding and extracting text into/from electronic documents
US20020101597A1 (en) 2001-01-31 2002-08-01 Hoover Rick Paul Machine-readable information embedded on a document
US20020103723A1 (en) * 2001-01-29 2002-08-01 Platner Michael Gary Certificate for an online product
US20020129257A1 (en) * 2001-03-07 2002-09-12 Diebold, Incorporated Automated transaction machine digital signature system and method
US20020166049A1 (en) * 2000-12-22 2002-11-07 Sinn Richard P. Obtaining and maintaining real time certificate status
US20030004997A1 (en) * 2001-06-28 2003-01-02 Steven Parker Method for online personalization of greeting cards
US20030012374A1 (en) 2001-07-16 2003-01-16 Wu Jian Kang Electronic signing of documents
US20030018585A1 (en) * 2001-07-21 2003-01-23 International Business Machines Corporation Method and system for the communication of assured reputation information
US20030078880A1 (en) * 1999-10-08 2003-04-24 Nancy Alley Method and system for electronically signing and processing digital documents
US20030204812A1 (en) 2002-04-24 2003-10-30 Canon Kabushiki Kaisha Information processing method and apparatus, and computer program and computer-readable storage medium
US6671804B1 (en) * 1999-12-01 2003-12-30 Bbnt Solutions Llc Method and apparatus for supporting authorities in a public key infrastructure
US20040073446A1 (en) * 2002-08-28 2004-04-15 Snow Bradford Lyle System and method for design and production of certificates
KR20040064780A (en) 2003-01-10 2004-07-21 한국정보보호진흥원 Method for verifying digitally signed documents
US20050019937A1 (en) * 2002-11-29 2005-01-27 Industrial Technology Research Institute Assay and kit for homocysteine
US20050038756A1 (en) 2000-05-24 2005-02-17 Nagel Robert H. System and method for production and authentication of original documents
US6892947B1 (en) 2003-07-30 2005-05-17 Hewlett-Packard Development Company, L.P. Barcode embedding methods, barcode communication methods, and barcode systems
US6907528B1 (en) * 1999-03-26 2005-06-14 Fujitsu Services Limited Method and system for cryptographically authenticating a printed document by a trusted party
US6990585B2 (en) * 2000-08-31 2006-01-24 International Business Machines Corporation Digital signature system, digital signature method, digital signature mediation method, digital signature mediation system, information terminal and storage medium
US20060072781A1 (en) 2004-09-28 2006-04-06 Harrington Steven J Encoding invisible electronic information in a printed document
US20060085634A1 (en) * 2004-10-18 2006-04-20 Microsoft Corporation Device certificate individualization
US20060085646A1 (en) * 2004-10-18 2006-04-20 Microsoft Corporation Device certificate self-individualization
US7073195B2 (en) * 2002-01-28 2006-07-04 Intel Corporation Controlled access to credential information of delegators in delegation relationships
US20060161781A1 (en) * 2005-01-18 2006-07-20 Robert Rice Automated notary acknowledgement
US7092953B1 (en) * 2000-12-28 2006-08-15 Rightlsline, Inc. Apparatus and methods for intellectual property database navigation
US7103572B1 (en) * 1999-02-18 2006-09-05 Matsushita Electric Industrial Co., Ltd. Electronic asset utilization system, electronic asset utilization method, server for use with electronic asset utilization system, and recording medium having recorded thereon electronic asset utilization method
US7117363B2 (en) 2000-08-04 2006-10-03 Sri International System and method using information-based indicia for securing and authenticating transactions
US20060265590A1 (en) * 2005-05-18 2006-11-23 Deyoung Dennis C Digital signature/certificate for hard-copy documents
US20060271787A1 (en) 2005-05-31 2006-11-30 Xerox Corporation System and method for validating a hard-copy document against an electronic version
US20070074029A1 (en) 2005-09-28 2007-03-29 Kabushiki Kaisha Toshiba Data embedding apparatus
US20070073626A1 (en) * 2000-12-28 2007-03-29 Reeder Russell P Integrated media management and rights distribution apparatus
US20070165261A1 (en) 2003-05-16 2007-07-19 Akihiro Someya Tampering detection apparatus and tampering detection method for printed document
US7252222B2 (en) 2003-12-19 2007-08-07 Scientific Game Royalty Corporation Embedded optical signatures in documents
US7328847B1 (en) 2003-07-30 2008-02-12 Hewlett-Packard Development Company, L.P. Barcode data communication methods, barcode embedding methods, and barcode systems
US20080046984A1 (en) 2006-08-17 2008-02-21 Iana Livia Bohmer Federated credentialing system and method
US7340611B2 (en) * 2003-01-28 2008-03-04 Microsoft Corporation Template-driven XML digital signature
US7353397B1 (en) * 2003-04-30 2008-04-01 Adobe Systems Incorporated Repurposing digitally signed information
US7526642B2 (en) * 2002-10-09 2009-04-28 Nokia Corporation Controlling delivery of certificates in a mobile communication system
US7581106B1 (en) * 2005-04-20 2009-08-25 Adobe Systems Incorporated Using digital certificates to facilitate enforcement of product licenses
US7581102B2 (en) * 2004-01-19 2009-08-25 Ricoh Company, Ltd. Certificate confirmation method, certificate confirmation program and certificate that can readily and more positively confirm authenticity of certificate
US7647494B2 (en) * 2005-06-08 2010-01-12 International Business Machines Corporation Name transformation for a public key infrastructure (PKI)

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5157226A (en) * 1989-10-17 1992-10-20 Canon Kabushiki Kaisha Developing apparatus producing toner powder cloud for developing images

Patent Citations (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5157726A (en) 1991-12-19 1992-10-20 Xerox Corporation Document copy authentication
US5912974A (en) 1994-04-05 1999-06-15 International Business Machines Corporation Apparatus and method for authentication of printed documents
US5544255A (en) 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
US5712914A (en) * 1995-09-29 1998-01-27 Intel Corporation Digital certificates containing multimedia data extensions
US5765176A (en) 1996-09-06 1998-06-09 Xerox Corporation Performing document image management tasks using an iconic image having embedded encoded information
US6023509A (en) 1996-09-30 2000-02-08 Intel Corporation Digital signature purpose encoding
US6021202A (en) * 1996-12-20 2000-02-01 Financial Services Technology Consortium Method and system for processing electronic documents
US6138106A (en) * 1997-05-19 2000-10-24 Walker Asset Management Limited Partnership Dynamically changing system for fulfilling concealed value gift certificate obligations
US5970252A (en) * 1997-08-12 1999-10-19 International Business Machines Corporation Method and apparatus for loading components in a component system
US6108788A (en) * 1997-12-08 2000-08-22 Entrust Technologies Limited Certificate management system and method for a communication security system
US7103572B1 (en) * 1999-02-18 2006-09-05 Matsushita Electric Industrial Co., Ltd. Electronic asset utilization system, electronic asset utilization method, server for use with electronic asset utilization system, and recording medium having recorded thereon electronic asset utilization method
US6907528B1 (en) * 1999-03-26 2005-06-14 Fujitsu Services Limited Method and system for cryptographically authenticating a printed document by a trusted party
US20030078880A1 (en) * 1999-10-08 2003-04-24 Nancy Alley Method and system for electronically signing and processing digital documents
US6671804B1 (en) * 1999-12-01 2003-12-30 Bbnt Solutions Llc Method and apparatus for supporting authorities in a public key infrastructure
US20050038756A1 (en) 2000-05-24 2005-02-17 Nagel Robert H. System and method for production and authentication of original documents
US20020013899A1 (en) * 2000-06-17 2002-01-31 Faul Jacob Joel Automated document distribution and transaction verification
US20020012445A1 (en) 2000-07-25 2002-01-31 Perry Burt W. Authentication watermarks for printed objects and related applications
US7117363B2 (en) 2000-08-04 2006-10-03 Sri International System and method using information-based indicia for securing and authenticating transactions
US20020026574A1 (en) * 2000-08-31 2002-02-28 Sony Corporation Person authentication system, person authentication method , information processing apparatus, and program providing medium
US6990585B2 (en) * 2000-08-31 2006-01-24 International Business Machines Corporation Digital signature system, digital signature method, digital signature mediation method, digital signature mediation system, information terminal and storage medium
WO2002037309A1 (en) 2000-11-02 2002-05-10 Markany Inc. Method for embedding and extracting text into/from electronic documents
US20020166049A1 (en) * 2000-12-22 2002-11-07 Sinn Richard P. Obtaining and maintaining real time certificate status
US7092953B1 (en) * 2000-12-28 2006-08-15 Rightlsline, Inc. Apparatus and methods for intellectual property database navigation
US20070073626A1 (en) * 2000-12-28 2007-03-29 Reeder Russell P Integrated media management and rights distribution apparatus
US20020103723A1 (en) * 2001-01-29 2002-08-01 Platner Michael Gary Certificate for an online product
US20020101597A1 (en) 2001-01-31 2002-08-01 Hoover Rick Paul Machine-readable information embedded on a document
US20020129257A1 (en) * 2001-03-07 2002-09-12 Diebold, Incorporated Automated transaction machine digital signature system and method
US20030004997A1 (en) * 2001-06-28 2003-01-02 Steven Parker Method for online personalization of greeting cards
US20030012374A1 (en) 2001-07-16 2003-01-16 Wu Jian Kang Electronic signing of documents
US20030018585A1 (en) * 2001-07-21 2003-01-23 International Business Machines Corporation Method and system for the communication of assured reputation information
US7073195B2 (en) * 2002-01-28 2006-07-04 Intel Corporation Controlled access to credential information of delegators in delegation relationships
US20030204812A1 (en) 2002-04-24 2003-10-30 Canon Kabushiki Kaisha Information processing method and apparatus, and computer program and computer-readable storage medium
US20040073446A1 (en) * 2002-08-28 2004-04-15 Snow Bradford Lyle System and method for design and production of certificates
US7526642B2 (en) * 2002-10-09 2009-04-28 Nokia Corporation Controlling delivery of certificates in a mobile communication system
US20050019937A1 (en) * 2002-11-29 2005-01-27 Industrial Technology Research Institute Assay and kit for homocysteine
KR20040064780A (en) 2003-01-10 2004-07-21 한국정보보호진흥원 Method for verifying digitally signed documents
US7340611B2 (en) * 2003-01-28 2008-03-04 Microsoft Corporation Template-driven XML digital signature
US7353397B1 (en) * 2003-04-30 2008-04-01 Adobe Systems Incorporated Repurposing digitally signed information
US20070165261A1 (en) 2003-05-16 2007-07-19 Akihiro Someya Tampering detection apparatus and tampering detection method for printed document
US7328847B1 (en) 2003-07-30 2008-02-12 Hewlett-Packard Development Company, L.P. Barcode data communication methods, barcode embedding methods, and barcode systems
US6892947B1 (en) 2003-07-30 2005-05-17 Hewlett-Packard Development Company, L.P. Barcode embedding methods, barcode communication methods, and barcode systems
US7252222B2 (en) 2003-12-19 2007-08-07 Scientific Game Royalty Corporation Embedded optical signatures in documents
US7581102B2 (en) * 2004-01-19 2009-08-25 Ricoh Company, Ltd. Certificate confirmation method, certificate confirmation program and certificate that can readily and more positively confirm authenticity of certificate
US20060072781A1 (en) 2004-09-28 2006-04-06 Harrington Steven J Encoding invisible electronic information in a printed document
US7441121B2 (en) * 2004-10-18 2008-10-21 Microsoft Corporation Device certificate self-individualization
US20060085634A1 (en) * 2004-10-18 2006-04-20 Microsoft Corporation Device certificate individualization
US20060085646A1 (en) * 2004-10-18 2006-04-20 Microsoft Corporation Device certificate self-individualization
US20060161781A1 (en) * 2005-01-18 2006-07-20 Robert Rice Automated notary acknowledgement
US7581106B1 (en) * 2005-04-20 2009-08-25 Adobe Systems Incorporated Using digital certificates to facilitate enforcement of product licenses
US20060265590A1 (en) * 2005-05-18 2006-11-23 Deyoung Dennis C Digital signature/certificate for hard-copy documents
US20060271787A1 (en) 2005-05-31 2006-11-30 Xerox Corporation System and method for validating a hard-copy document against an electronic version
US7647494B2 (en) * 2005-06-08 2010-01-12 International Business Machines Corporation Name transformation for a public key infrastructure (PKI)
US20070074029A1 (en) 2005-09-28 2007-03-29 Kabushiki Kaisha Toshiba Data embedding apparatus
US20080046984A1 (en) 2006-08-17 2008-02-21 Iana Livia Bohmer Federated credentialing system and method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Bender et al., "Techniques for data hiding", IBM Systems Journal, vol. 35, Nos. 3&4, 1996, pp. 313-pp. 336.
Brassil et al., "Electonic Marking and Identification Techniques to Discourage Document Copying", IEEE Journal on Selected Areas in Communication, vol. 13, No. 8, Oct. 1995, pp. 1495-pp. 1504.
PCT Search Report for Application No. PCT/US2008/063886, mailed Oct. 29, 2008, 11 pgs.

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100023758A1 (en) * 2008-07-23 2010-01-28 Shocky Han Document authentication using electronic signature
US8924307B2 (en) * 2008-07-23 2014-12-30 Shocky Han Document authentication using electronic signature
US20110320458A1 (en) * 2010-06-24 2011-12-29 Abinasha Karana Identification of name entities via search, determination of alternative searches, and automatic integration of data across a computer network for dynamic portal generation
US8661015B2 (en) * 2010-06-24 2014-02-25 Bizosys Technologies Private Limited Identification of name entities via search, determination of alternative searches, and automatic integration of data across a computer network for dynamic portal generation
TWI476711B (en) * 2013-06-19 2015-03-11 Inventec Appliances Corp Activity convocation system and method thereof
US10699001B2 (en) 2015-03-31 2020-06-30 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US10701083B2 (en) 2015-03-31 2020-06-30 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US11030300B2 (en) 2015-03-31 2021-06-08 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US11252164B2 (en) 2015-03-31 2022-02-15 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US11627143B2 (en) 2015-03-31 2023-04-11 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US11627144B2 (en) 2015-03-31 2023-04-11 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US11651068B2 (en) 2015-03-31 2023-05-16 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials

Also Published As

Publication number Publication date
US20080141330A1 (en) 2008-06-12

Similar Documents

Publication Publication Date Title
US7996677B2 (en) Digitally certified stationery
US9009477B2 (en) Archiving electronic content having digital signatures
US20150067464A1 (en) Systems and methods for distributed electronic signature documents
CA2393116A1 (en) System and method for electronic storage and retrieval of authenticated original documents
US20190372782A1 (en) Data Certification Device, Non-transitory Computer-readable Medium, and Method Therefor
CN103560889B (en) Precision identity authentication method between X509 digital certificate and certificate application
CN112199721A (en) Authentication information processing method, device, equipment and storage medium
CN108876375B (en) Block chain real name participation method and system
US20040083359A1 (en) Delegation by electronic certificate
US20100313117A1 (en) Electronic document control apparatus, method, program and system
US7581109B2 (en) Delegation of electronic signature by multi-agent cryptography
TWM520159U (en) Device for generating and identifying electronic document containing electronic authentication and paper authentication
US6839842B1 (en) Method and apparatus for authenticating information
WO2004012415A1 (en) Electronic sealing for electronic transactions
WO2022248938A1 (en) Authenticating data and communication sources
JP2007082043A (en) Time stamp service system
US20140143539A1 (en) Web tokens with a signature of a web page visitor
KR20200082186A (en) Method and system for automatic preparation of legal document
Siswanto et al. Implementation of digital signature for research paper legalization, authentication and ratification case study: training center for national cyber and crypto agency people
WO2012011509A1 (en) Digital data content authentication system
CN112446677B (en) Electronic signature method, device, equipment and storage medium
CN112966197B (en) Method, device, equipment and storage medium for displaying page electronic signature
JP2005527913A (en) Computer system for automating the controlled distribution of documents
US20230031804A1 (en) Computer-readable recording medium storing information processing program, information processing apparatus, and system
CN116680675A (en) Credential generation and verification methods, apparatus, systems, and computer readable storage media

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT CORPORATION, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHARLES, DENIS X.;JAIN, KAMAL;LAUTER, KRISTIN E.;REEL/FRAME:018630/0753

Effective date: 20061206

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034542/0001

Effective date: 20141014

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20230809